Vulnerabilities of type CWE-285

1295 results
CVE-2026-10236 [MEDIUM] SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization [EPSS 0.4%]
CVE-2025-4819 [LOW] y_project RuoYi Offline Logout batchForceLogout improper authorization [EPSS 0.4%]
CVE-2025-46840 [HIGH] Adobe Experience Manager | Improper Authorization (CWE-285) [EPSS 0.4%]
CVE-2026-30702 [CRITICAL] The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The [EPSS 0.4%]
CVE-2025-10981 [MEDIUM] JeecgBoot exportXls improper authorization [EPSS 0.4%]
CVE-2025-10979 [MEDIUM] JeecgBoot exportXls improper authorization [EPSS 0.4%]
CVE-2025-10978 [MEDIUM] JeecgBoot Filter exportXls improper authorization [EPSS 0.4%]
CVE-2020-8920 [LOW] Overoptimization leads to private information leak in Gerrit [EPSS 0.4%]
CVE-2026-1550 [MEDIUM] PHPGurukul Hospital Management System Admin Dashboard adminviews.py improper authorization [EPSS 0.4%]
CVE-2025-10707 [MEDIUM] JeecgBoot sendMsg improper authorization [EPSS 0.4%]
CVE-2025-10989 [MEDIUM] yangzongzhuan RuoYi selectAll improper authorization [EPSS 0.4%]
CVE-2025-10947 [MEDIUM] Sistemas Pleno Gestão de Locação CPF validarCpf authorization [EPSS 0.4%]
CVE-2024-20333 [MEDIUM] A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, rem [EPSS 0.4%]
CVE-2026-3764 [MEDIUM] SourceCodester Client Database Management System superadmin_user_update.php improper authorization [EPSS 0.4%]
CVE-2026-1733 [MEDIUM] Zhong Bang CRMEB :uni tidyOrder improper authorization [EPSS 0.4%]
CVE-2026-3734 [MEDIUM] SourceCodester Client Database Management System Endpoint fetch_manager_details.php improper authorization [EPSS 0.4%]
CVE-2026-2693 [MEDIUM] CoCoTeaNet CyreneAdmin System Info Endpoint getCount improper authorization [EPSS 0.4%]
CVE-2025-54868 [HIGH] LibreChat exposes arbitrary chats through Meilisearch engine [EPSS 0.4%]
CVE-2025-3921 [HIGH] PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Missing Authorization to Limited Unauthenticated Arbitrary User Meta Update via handel_ajax_req Function [EPSS 0.4%]
CVE-2023-22931 [MEDIUM] ‘createrss’ External Search Command Overwrites Existing RSS Feeds in Splunk Enterprise [EPSS 0.4%]